A Scratch-based graphical policy editor for XACML

This paper proposes a policy-maker-friendly editor for the eXtensible Access Control Markup Language (XACML) based on the programming language Scratch. Scratch is a blocks-based programming language designed for teaching children programming, which allows users to build programs like a puzzle. We take this concept one step further with an XACML policy editor based on the graphic programming elements of Scratch, implemented in Smalltalk. The editor guides the user in building policies by grouping blocks and operators that fit together and by indicating which blocks will stick together. It simplifies building XACML policies while the graphic policies still keep an XACML “feel”.
